feat(core): add POST /configs/jwt-customizer/test API

logto-io · Mar 19, 2024 · 3f5c626 · 3f5c626
1 parent 9b7872f
commit 3f5c626
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 1 deletion.
diff --git a/packages/core/src/routes/logto-config.ts b/packages/core/src/routes/logto-config.ts
@@ -16,9 +16,12 @@ import {
   clientCredentialsJwtCustomizerGuard,
   LogtoJwtTokenKey,
   LogtoJwtTokenPath,
+  jsonObjectGuard,
+  customJwtFetcherGuard,
 } from '@logto/schemas';
 import { z } from 'zod';
 
+import { EnvSet } from '#src/env-set/index.js';
 import RequestError from '#src/errors/RequestError/index.js';
 import koaGuard, { parse } from '#src/middleware/koa-guard.js';
 import { exportJWK } from '#src/utils/jwks.js';
@@ -75,7 +78,7 @@ const getRedactedOidcKeyResponse = async (
   );
 
 export default function logtoConfigRoutes<T extends AuthedRouter>(
-  ...[router, { queries, logtoConfigs, invalidateCache }]: RouterInitArgs<T>
+  ...[router, { queries, logtoConfigs, invalidateCache, cloudConnection }]: RouterInitArgs<T>
 ) {
   const {
     getAdminConsoleConfig,
@@ -287,4 +290,43 @@ export default function logtoConfigRoutes<T extends AuthedRouter>(
       return next();
     }
   );
+
+  if (!EnvSet.values.isCloud) {
+    router.post(
+      '/configs/jwt-customizer/:tokenTypePath/test',
+      koaGuard({
+        params: z.object({
+          tokenTypePath: z.nativeEnum(LogtoJwtTokenPath),
+        }),
+        body: z.unknown(),
+        response: jsonObjectGuard,
+        /**
+         * 400 for cloud service zod error (data type does not match expectation, can be either request body or response body)
+         * 422 for cloud service syntax error
+         */
+        status: [200, 400, 422],
+      }),
+      async (ctx, next) => {
+        const {
+          params: { tokenTypePath },
+          body: rawBody,
+        } = ctx.guard;
+        const {
+          body: { tokenSample, contextSample, ...rest },
+        } = getJwtTokenKeyAndBody(tokenTypePath, rawBody);
+
+        const client = await cloudConnection.getClient();
+        const testResult = await client.post(`/api/services/custom-jwt`, {
+          body: customJwtFetcherGuard.parse({
+            ...rest,
+            tokenSample,
+            contextSample,
+          }),
+        });
+
+        ctx.body = testResult;
+        return next();
+      }
+    );
+  }
 }
diff --git a/packages/schemas/src/types/jwt-customizer.ts b/packages/schemas/src/types/jwt-customizer.ts
@@ -57,6 +57,18 @@ export const customJwtFetcherGuard = jwtCustomizerGuard
 
 export type CustomJwtFetcher = z.infer<typeof customJwtFetcherGuard>;
 
+/**
+ * This guard is for testing use (request body guard), renamed previous `token` and `context`
+ * fields (in `customJwtFetcherGuard`) to `tokenSample` and `contextSample`, which can bring
+ * convenience to the testing use case.
+ */
+export const customJwtTesterGuard = customJwtFetcherGuard
+  .pick({ script: true, envVars: true })
+  .extend({
+    tokenSample: jsonObjectGuard,
+    contextSample: jsonObjectGuard.optional(),
+  });
+
 export enum LogtoJwtTokenPath {
   AccessToken = 'access-token',
   ClientCredentials = 'client-credentials',